<?php
class handle_permission
{	
    /**
     * 
     * $action: ten action can kiem tra
     * $permission_return: kiem tra co can gia tri tra ve hay khong
     * $url_redirect: duong danse chuyen huong khi khong co quyen
     * $SeoKey: neu bang null se lay seo key hien tai
     * $app_id: app can kiem tra, mac dinh la app hien tai
     */
	public function per_check_permission($action = NULL, $permission_return = false, $url_redirect = NULL, $SeoKey=NULL, $app_id = NULL)
	{
		$not_permission = $GLOBALS['ctr']->_['not_permission'];		
		
        $model = new system_model();
        $routerObj = new handle_route();
		$reObj = new handle_request();
        $permission = false;
        $user_id = isset($_SESSION['ID'])? $_SESSION['ID'] : '-1';
  
        $app_id = ($app_id == null)?AppID:$app_id;
        $app_name = ($app_id == 1)?'admin':'public';
        $action = ($action == null)?ACT:$action;
        
        $SeoKey = ($SeoKey == null)?SEO_CAT:$SeoKey;
        if($SeoKey ==  NULL)
        {
            $SeoKey = SEO_CAT;
        }
        
        $router = $model->model_get_router_permission($SeoKey, $app_name);
        $get_group_user = $model->model_get_group_user($user_id); 
        
        if(!empty($get_group_user) && !empty($router))
        {
            $cid = $router['ID'];
            if($cid == 1){
                $cid = 11;
            }

            foreach($get_group_user as $value)
        	{
                $get_permission = $model->model_get_permission($user_id, $cid, $action, $value['GroupID']);
                if(!empty($get_permission))
        		{
                   $permission = true;
                }
            }
        }

        if($permission_return)
        {
            return $permission;
        }else
        {
            if($permission)
            {
                return $permission;
            }else
            {
                if($url_redirect == NULL)
                {   
                    $url_redirect = URL_BASE . 'admin';
					$reObj->rq_sms($not_permission );
					$reObj->rq_goto_window_parent($url_redirect);
                }else
                {
					$reObj->rq_sms($not_permission);
                    $reObj->rq_goto_window_parent($url_redirect);
                }
                
            }
            
        }
	}
} 